Amendments to the Claims 



This listing of claims replaces all prior versions, and listings, of claims in the 
application. 

CLAIM LISTING: 

1 Claims 1-6. (Canceled) 

1 7. (Currently amended) A method for allowing a client application running 

2 on a client machine linked to a client network to establish communication , m 

3 a client network, a first connection at a first security level with a first port of 

4 a server application hosted in a server machine linked to a server network, in 

5 order to send exchange messages addressed to with the server machine 

6 application , said messages passing from between the client network te and 

7 the server network through a network layer (CR) of a gateway machine, the 

8 method comprising: 

9 A) receiving a request from the client application to establish 

10 communication at a first security level to a first port on the server machine; 

11 B) creating a first port on the gateway machine; 

12 C) creating at least one first created process on the gateway machine; 

13 D) establishing a first connection from the client application to the first port 

14 on the gateway machine, the first connection connecting the client machine 

15 to the gateway machine for the exchange of messages at the first security 

16 level; 

17 E) creating a second port in the gateway machine; 

18 F) establishing a second connection from the second port of the gateway 

19 machine to the first port of the server machine, the second connection to be 
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20 used to exchange messages at a second security level which is reduced from 

21 the first security level; and. 

22 G) rerouting to the second port of the gateway machine , by ordering the 

23 network layer (CR) of the gateway machine, any messages sent from the 

24 client network and addressed to the first port of the server machine; 

25 H)_ receiving at the second port of the gateway machine a request addressed 

26 to the first port of the server application to establish said first connection 

27 with the first port of the server application; routing, to the first port of the 

28 gateway machine, messages received bv the gateway machine that are 

29 addressed to the client application on the client machine; and. 

30 listening to the second port of the gateway machine to detect the request 

31 addressed to the first port of the server application to establish said first 

32 connection with the first port of the s e rver application; 

33 generating, in the gateway machine, a thread which establishes said first 

34 connection; and generating a second connection at a second security level 

35 between the gateway machine and a third port of the server application, the 

36 third port being configured to receive at least one message at the second 

37 security level from the gateway machine via said second connection; 

38 I) the first created process on the gateway machine handling security 

39 processing at the first security level for said messages sent and said 

40 messages received on the first port of the gateway machine, thereby 

41 removing from the server machine, security processing at the first security 

42 level for these messages . 

43 wherein the generating of said thread and s aid second connection is 

44 performed in response to the detection of the request addressed to the first 

45 port of the server application to establish said first connection. 
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1 8. (Currently amended) A method according to claim 7, wherein said first 

2 created process t hread: establishes, in a first phase, said first connection at 

3 the first security level in a first interface associated with the secon d first p ort 

4 and with said request; 

5 establishes, in a second phase, said second connection at the second security 

6 level in a second interface to the second third p ort in the server machine; 

7 writes, in a third phase, at the second security level in to the second 

8 interface, any message read in the first interface at the first security level, 

9 and writes, in a fourth phase, at the first security level in tothe first 

10 interface, any message read in the second interface at the second security 

11 level. 

1 Claim 9. (Canceled) 

1 10. (Currently amended) A method according to claim 7, wherein said 

2 creating and rerouting steps D, E, and F are executed automatically by a-the 

3 first created p rocess of the gateway machine, and wherein said first created 

4 process generates a second process that executes said listening and 

5 generating steps G and H . 

1 11. (Currently amended) A method according to claim 8, wherein said 

2 creating^ and rerouting steps D. E. and F are executed automatically by a-the 

3 first created p rocess of the gateway machine, and wherein said first created 

4 process generates a the_second process that executes said list e ning and 

5 generating steps G and H . 
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1 Claims 12-13 (Canceled) 

1 14. (Currently amended) A method for allowing a client application to 

2 establish, in a client network, a first connection at a first security level with a 

3 first port of a server application hosted in a server machine linked to a server 

4 network, 

5 in order to send messages addressed to the server machine, said messages 

6 passing from the client network to the server network through a network 

7 laye r (CR) of a gateway machine, the method comprising: 

8 generating, in the gateway machine, a processing thread which establishes 

9 said first connection; 

10 activating, in the gateway machine, a secure application proxy that performs 

1 1 security processing at the first security level and that reroutes the messages 

12 addressed to the first port of the server application away from the first 

13 connection; and^ 

1 4 establishing at a second security level lower than the first security level, a 

1 5 second connection at a second security level between a second port of the 

16 server application and the gateway machine, said second port being 

17 configured to receive at least one message at a second security level from the 

18 gateway machine via said second connection, 

19 and wherein said generating step is performed in response to detection of a 

20 request from the client application addressed to the first port of the server 

21 application to establish said first connection; and 

22 wherein said second connection is unknown to said client application. 
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1 Claims 15-19 (Canceled) 

1 20. (Currently amended) A method according to claim 7, further 

2 comprising deleting, by ordering the network layer (CR) of the gateway 

3 machine, any message messages sent from the client network to the third a 

4 port other than the first p ort located in the server machine regardless of a 

5 security level of said message sent to the thifd port other than the first port. 

1 21. (Canceled) 

1 22. (Previously presented) A method as claimed in claim 14, wherein the 

2 rerouting of the messages addressed to the first port of the server application 

3 is done in a way that is transparent to the client application. 

1 23. (New) A method as claimed in claim 7, wherein the rerouting of the 

2 messages addressed to the first port of the server application is done in a 

3 way that is transparent to the client application. 
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